//------------------------------------------------------------------------------
// <copyright company="Telligent Systems">
//     Copyright (c) Telligent Systems Corporation.  All rights reserved.
// </copyright> 
//------------------------------------------------------------------------------

using System;
using System.Web.Security;
using System.Web.UI.WebControls;
using CommunityServer.Blogs.Components;
using CommunityServer.Components;
using CommunityServer.Controls;

namespace CommunityServer.Blogs.Controls
{
    /// <summary>
    /// Summary description for Header.
    /// </summary>
    public class WeblogLogin : WeblogThemedControl
    {
        public WeblogLogin()
        {
            //
            // TODO: Add constructor logic here
            //
        }

        TextBox UserName;
        TextBox Password;
        IButton button;
        CheckBox autoLogin;
        IText message;



        protected override void AttachChildControls()
        {
            UserName = FindControl("UserName") as TextBox;
            Password = FindControl("Password") as TextBox;
            button = FindButton("SignIn");
            autoLogin = FindControl("AutoLogin") as CheckBox;
            message = FindText("message");

            if(button != null)
                button.Click +=new EventHandler(signin_click);
        }

        private void signin_click(object sender, EventArgs e)
        {
            if(Page.IsValid)
            {
                CSContext context = CSContext.Current;

                User user = new User();
                user.Username = UserName.Text;
                user.Password = Password.Text;

                LoginUserStatus loginStatus = Users.ValidUser(user);

                if (loginStatus == LoginUserStatus.Success || 
                    (context.SiteSettings.EnableBannedUsersToLogin && loginStatus == LoginUserStatus.AccountBanned)) 
                {
                    // Are we allowing login?
                    // TODO -- this could be better optimized
                    if (!context.SiteSettings.AllowLogin && !user.IsAdministrator) 
                    {
                        throw new CSException(CSExceptionType.UserLoginDisabled);
                    }

                    FormsAuthentication.SetAuthCookie(user.Username, autoLogin.Checked);

                    if(!Globals.IsNullorEmpty(context.ReturnUrl))
                    {
                        Context.Response.Redirect(context.ReturnUrl);
                    }
                    else
                    {
                        Context.Response.Redirect(BlogUrls.Instance().HomePage(this.CurrentWeblog.ApplicationKey));
                    }

                }
                else
                {
                    message.Text = "Invalid UserName and/or Password";
                    message.Visible = true;
                }

            }
        }
    }
}